oh, and on more thing: good talk by the way, I enjoyed it very much! ;)
Shadi Abou-Zahra wrote:
>
> Hi Kai,
>
> This response won't be much help, but you may be interested to know that
> we've had the same discussion around EARL. How do you trust a report put
> on a Web site or some kind of a repository?
>
> We have not taken specific action on this, except to try and explain how
> a security layer could be placed on-top of the EARL format. For example,
> by using signatures on the XML serialization of the RDF.
>
> I agree with you that this is an important topic that always comes up in
> one form or the other. I'd be interested if the POWDER folks can come up
> with something that we can reuse for EARL... ;)
>
> Regards,
> Shadi
>
>
> Scheppe, Kai-Dietrich wrote:
>> Phil had asked about China and the WWW2008 conference.
>>
>> Yes, there is something to report.
>> I gave a short presentation on POWDER. It went fine, people seemed
>> interested, there were few questions.
>>
>> However, one point came up in several conversations with several people
>> - that of security.
>>
>> Basically I was asked:
>> How do you ensure that the DR which has been written does in fact
>> come from that person or entity?
>>
>> I believe we had, a long time ago, discussed digital signatures, but
>> wasn't sure what had come of all that.
>>
>>
>> Question to the group: Will we deal with that? And if yes, how?
>>
>> The easy way out would be to say no, trust is up to the user and we
>> won't bother, but I was struck by how this point came up several times
>> independently, thus I think it is not something to be brushed aside.
>>
>> -- Kai
>>
>>
>>
>>
>>
>>
>>
>
--
Shadi Abou-Zahra - http://www.w3.org/People/shadi/ |
WAI International Program Office Activity Lead |
W3C Evaluation & Repair Tools Working Group Chair |